<?php

/**
 * @author      Dennis Greulich / Pionier 
 * 
 * @package AllianzTool3
 * @version $Id: index.php 3 2010-01-24 09:20:21Z allytools $
 * @copyright (c) 2009 Allytools
 * @license http://creativecommons.org/licenses/by-sa/3.0/de/
 *
 */

//Includes
require ("./config.php");
require ("./system/functions.php");
require ("./system/class/mysql.class.php");
require ("./system/libs/Smarty.class.php");
include './language/'.SYS_LANG.'/login.php';

switch($_GET['action']) 
    {     
        case 'logout' :
            
            session_start();
            session_destroy();

            $hostname = $_SERVER['HTTP_HOST'];
            $path = dirname($_SERVER['PHP_SELF']);

            $final_report.="Du wurdest erfolgreich ausgelogt <meta http-equiv='Refresh' content='2; URL=home.php'/>";
                    
		break;
        
        case 'verify' :
            
            phpinfo();
                    
		break;

		default :
            ob_start();
            session_start(); 
            
            $display="none";
            
            $db = new mysql(DB_SERVER, DB_USER, DB_PASS, DB_DATABASE);
            $db->connect();

            if(isset($_POST['login']))
            {
                $username= strip_tags(str_replace('\'', '"', $_POST['username']));
                $password = strip_tags(str_replace('\'', '"', $_POST['password']));
                if($username == NULL OR $password == NULL){
                $final_report.= $l_error_emty;
                }
                else
                {
                    $sql = "SELECT * FROM `".TABLE_USER."` WHERE `username` = '".$username."'";
                    $row = $db->query($sql);
                    
                    if($db->affected_rows == 0)
                    {
                        $final_report.= $l_error_login_failed;
                    }
                    else
                    {
                        $get_user_data = $db->fetch_array($row);
                        
                        if($get_user_data['status'] == 'email' || $get_user_data['status'] == 'admin')
                        {
                            $final_report.= $l_error_login_mail;
                        }
                        else
                        {
                            if($get_user_data['userpass'] == MD5($password))
                            {
                            	$_SESSION['angemeldet'] = true;
                                $_SESSION['timeout']    = time();
                                $_SESSION['user_id']    = "".$get_user_data['id']."";
                                $_SESSION['username']   = "".$get_user_data['username']."";
                                $_SESSION['language']   = "".$get_user_data['language']."";
                                $_SESSION['style']      = "".$get_user_data['style']."";
                                $_SESSION['rang']      = "".$get_user_data['rang']."";
                                
                                $sql = "UPDATE `".TABLE_USER."` SET logins=logins+1, lastlogin=NOW() WHERE id='".$_SESSION['user_id']."'";
                                $rows = $db->query($sql);
                                
                                $final_report.="You are about to be logged in, please wait a few moments.. <meta http-equiv='Refresh' content='2; URL=home.php'/>";
                            }
                            else
                            {
                                $final_report.= $_l_error_login_failed;
                                exit();
                            }
                        }
                    }
                }
            }
            
            $db->close();
    }
    
    $tpl = new Smarty;

    $tpl->assign('title',$l_title);
    $tpl->assign('report', $final_report);
    $tpl->assign('name',$l_user_name);
    $tpl->assign('pass',$l_user_password);
    $tpl->assign('auto_login',$l_auto_login);
    $tpl->assign('button_1',$l_login_button_1);
    $tpl->assign('reg',$l_register);
    $tpl->assign('pw_lost',$l_pw_lost);

    $tpl->assign('style', SYS_STYLE); //Style laden
    $tpl->assign('lang', SYS_LANG); //Sprache laden
    $tpl->debugging = TPL_DEBUG; //Debuggen
    $tpl->display('login.html'); //Template ausgeben

?>